Patching Zend_OpenId To Maintain Error Messages

To help anyone else in their quest to implement Zend_OpenId in their code, I’ve created a small patch against trunk which adds internal error messages in most places where there’s a return false;. This should help when debugging your code, whether you’re implementing an authentication service and using Zend_OpenId as a consumer, or implementing just the consumer part of the equation.

I’ve uploaded the diff: Consumer.php.patch (Consumer.php.patch.txt).

The only thing that seemed a bit weird was that one of the error messages that was present in 1.6.0 had been removed in trunk:

if ($status != 200) {
    $this->_setError("'Dumb' signature verification HTTP request failed");
    return false;
}

I’ve re-added this message in my patch, but I feel that the error message should be something like:

$this->_setError("The server responded with HTTP status code: " . $status);

instead.

Oh well. Hopefully someone will find this useful.

Adventures in OpenID and Zend Framework

I’ve been toying around with OpenID and the Zend Framework for a night or two now, and I’ve had a few experiences I thought I should share with the intarwebs (now, that’s probably the point where you should make the decision to stop reading for most blog posts). Quite some time has passed since I last had anything to do with OpenID, so just getting up and running was a challenge.

An OpenID identifier is usually represented by a URL (such as https://me.yahoo.com/<login>), which the OpenID consumer then contacts to get information about how to communicate with the OpenID identity provider (Yahoo! in this case). The consumer contacts the provider, gets a URL to redirect the client to, and receives notice after the client has authenticated with the provider.

First I’d like to say that OpenID seems to be too hard to use for anyone other than those who have a particular interest in it. I have a Yahoo! account and a Google Account, which both can be used for OpenID authentication. I have no idea how I use my Google Account for this, without having to provide endpoints manually. Ugly.

I did at least get the Yahoo! authentication working, but I’m still undecided on whether I’m going to implement OpenID support in any current project. Possibly. We’ll see.

Anyways, my implementation in Zend Framework is mostly a copy of the tutorial in the ZF manual, but there is one important point that they do not mention: In the standard installation, you have to use Zend_Session to handle your sessions. That means calling Zend_Session::start() instead of session_start(), as Zend_Session cannot be used after a session has been started. This dependency kind of killed my enthusiasm, as we just pull the parts of Zend Framework that we need into our project as things progress. Changing how we use sessions is a bit too much to ask. Luckily you can still use $_SESSION as usual after starting Zend_Session, but still. Not too fond of that. I hope that it will be decoupled some time in the future.

Testing code:

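require_once 'Zend/OpenId/Consumer.php';

$consumer = new Zend_OpenId_Consumer();

// Step 1: the user submitted an identifier. On success login() redirects
// the browser to the provider, so a false return value means failure.
if (!empty($_POST['openid_identity']))
{
    if(!$consumer->login($_POST['openid_identity']))
    {
        die("OpenID login failed.");
    }
    else
    {
        print('We logged in!');
    }
}

// Step 2: the provider sent the browser back with an openid_mode parameter.
if (isset($_GET['openid_mode']))
{
    switch($_GET['openid_mode'])
    {
        case 'id_res':
            // Verify the provider's response; $id receives the identifier.
            $consumer = new Zend_OpenId_Consumer();
            $id = false;
            
            if ($consumer->verify($_GET, $id))
            {
                // Escape the identifier before echoing it back.
                $status = "VALID " . htmlspecialchars($id);
            }
            else
            {
                $status = "INVALID " . htmlspecialchars($id);
            }

            print($status);
            break;

        case 'cancel':
            // The user aborted the authentication at the provider.
            print("someone pressed cancel!");
            break;
    }
}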

Switch out $_POST['openid_identity'] with your OpenID identifier (the whole URL), and you should be all set.

If you keep getting failed logins without a redirect, check that you have https support in PHP through openssl (the module is named php_openssl). Zend Framework provides no hint that this can be a problem, but after stepping through the source (I’m test driving NetBeans 6.5) the solution became apparent.
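A preflight check for the failure described above, as an added example that is not part of the original post or of Zend Framework. The function name openid_preflight() and its messages are hypothetical, the sample identifiers are constructed, and requiring an absolute http(s) URL is a policy assumption that follows the "whole URL" advice above.

```php
<?php
// Added example: environment and input checks to run before
// Zend_OpenId_Consumer::login(). Uses only PHP built-ins.

/**
 * Returns a list of human-readable problems; an empty list means nothing
 * was found that would stop an HTTPS discovery request.
 * Hypothetical helper, not a Zend Framework API.
 */
function openid_preflight($identifier)
{
    $problems = array();

    // The post's finding: without the openssl extension PHP cannot speak
    // HTTPS, and the login fails without any redirect.
    if (!extension_loaded('openssl')) {
        $problems[] = 'openssl extension (php_openssl) is not loaded';
    }
    if (!in_array('https', stream_get_wrappers(), true)) {
        $problems[] = 'https:// stream wrapper is not registered';
    }
    if (!in_array('ssl', stream_get_transports(), true)) {
        $problems[] = 'ssl:// socket transport is not available';
    }

    // The identifier is user input: accept only absolute http(s) URLs
    // (assumed policy, stricter than what OpenID itself allows).
    $parts  = parse_url(trim($identifier));
    $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
    if ($parts === false || empty($parts['host'])
        || !in_array($scheme, array('http', 'https'), true)) {
        $problems[] = 'identifier is not an absolute http(s) URL';
    }
    return $problems;
}

// Constructed sample identifiers, not real accounts.
$samples = array(
    'https://openid.example.com/alice',
    'ftp://openid.example.com/alice',
    'openid.example.com/alice',
);
foreach ($samples as $identifier) {
    $problems = openid_preflight($identifier);
    echo $identifier, ' => ', $problems ? implode('; ', $problems) : 'ok', "\n";
}
```

Run it before the login() call and stop with the listed problems when the result is not empty, so a missing HTTPS stack is reported instead of showing up as an unexplained failed login.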

PHP and Annotations

After hacking together some code to solve an issue that came up today on an IRC channel I’m on, about how to provide a URL mapping for individual methods while keeping the responsibility in the method itself, I stumbled across addendum. Addendum implements annotations parsing for PHP and works by using the reflection API in PHP 5.1+. This allows you to add annotations which indicate to your framework which methods should be exposed to the web and which should be kept private. There are loads of other ways to do this (both dynamically and statically), but this is one way that may appeal to someone.

Book Read: The Pixar Touch: The Making of a Company

Just finished “The Pixar Touch: The Making of a Company” in record time (.. for me). Awesome book. I’ve been a fan of Pixar since I first saw Toy Story at a special presentation (.. it had the original voice actors, not the dubbed, Norwegian version) here in Norway in 1996. I still consider Toy Story 2 as one of the best movies ever made.

The Pixar Touch: The Making of a Company gives a unique view of the history of Pixar. As I started following Pixar more closely after that winter day of 1996, I had a simple overview of the situation up until now. What really impressed me was everything that happened up until the release of Toy Story, and as usual, all the random events that formed the great company known as Pixar today. If you have an interest in animated movies, business issues, great histories and great people, I’d really recommend reading this book. It’s awesome.

The mere fact that I read through it in just a few days when I usually spend a couple of weeks on a book is a good testament to that. I’m an even bigger fan of John Lasseter now.

New book: Why We Buy: The Science Of Shopping

What. Four. The number.

Kristian obviously has way too little to do while in Newcastle, UK, so he got challenged by his girlfriend to write a list of four items on several key subjects. And he challenged me to do the same. Bastard.

  1. Name 4 jobs I have had:
  2. 4 movies I could watch again:
  3. Name 4 places I have lived:
    • Trondheim
    • Fredrikstad
    • .. and that’s that.
  4. Name four tv shows I like:
    • West Wing
    • South Park
    • Numb3rs
    • Bones
  5. Four places I have been on vacation:
    • Hartford, CT, USA
    • Orlando, FL, USA
    • Jylland, Denmark
    • London, UK
  6. Four web sites I visit every day:

As I’m a cheerful fellow, I’m not going to challenge anyone. But I’ll leave a brief hint that it’s about time that Ole posts something in his blog again.

(Bonus point: The first time the category “Uncategorized” has been used with intention on this blog. This really is uncategorized.)

Book Read: The Bullfighter’s Guide

Just finished the book Why Business People Speak Like Idiots: A Bullfighter’s Guide today, after reading it off and on for the last week and a half. The book read very easily and while I probably need to read it again after a year or so, I’ve already tried to adopt several of the good habits proposed in the book. While I feel that I usually get down to earth and try to communicate clearly in my E-mails, I’ve become much more aware of my weasel words and my use of jargon where none is needed. The short read means that the book communicates effectively, and I’d advise anyone who’s going to hold a presentation or write a business related memo or article to at least read it once.

Add it to your wishlist now! (I prefer linking to the original, American Amazon store instead of the UK one, as the US store usually is cheaper. The delivery takes a bit more time, but if you’re in Norway you order loads of books at the same time anyways because of shipping..)

New book: The Pixar Touch: The Making of a Company

Google Earth and Error Code 29

I finally installed Google Earth on my Ubuntu Intrepid installation at work today, but everything crapped out with a “Could not contact… Error code 29” error. Didn’t find any obvious solution at first, but deep inside a thread at the Ubuntu forums I stumbled across a post about how to fix Error Code 29 in Google Earth. The trick? Install lib32nss-mdns through apt-get, delete .googleearth and .config/Google/GoogleEarthPlus.conf, restart and be happy.

Worked great. Thanks Mr. / Ms. / Mrs. Melk79.

iTunes out of Norway?

Apple and the Norwegian Consumer Ombudsman, Forbrukerombudet, have been complaining about each other for quite some time now. The issue that has sparked the controversy is the locked format of Apple iTunes, where music is only available for Apple’s own platform (iPod). The Consumer Ombudsman demands that music sold in the iTunes music shop is made available in a format that can be used freely on other devices on the market. Apple had until the 3rd of November to comply with the demands, but has responded that they will not do anything to resolve the issue (Read the letter from Apple here). This has led the case to now move up higher into the bureaucracy, onto the desk of Markedsrådet. This instance has the right to enforce laws and any decision made here will have to be followed by Apple if they want to keep themselves in the Norwegian market.

I’ve written a bit about the market for digital distribution earlier, and while iTunes has been a great way forward for introducing people to digital purchasing of music, I think that they’d get that position regardless of their use of DRM. They’ve done a few things to loosen up their tight DRM regime, but other providers, such as Amazon, have done a much greater job.

I’m glad to see that the issue is going somewhere serious here in Norway, and I fail to see this as a great threat to the online distribution in Norway. People have made the complaint that this will just lead to Apple pulling out of Norway, leaving our quite small market to itself. If that happens, then we suddenly have a large market available for other online ventures, without the threat of Apple going after their market. Imagine the music distribution market in the United States if iTunes suddenly decided to stop distributing music. Amazon would laugh all the way to the bank, other ventures would pop up all over the place, and the consumer would probably be better off.

If Apple decides to remove DRM, then it suddenly becomes a viable place for purchasing digital music here in Norway for me. If Apple wins we’re in the same situation as we are today, where they don’t respect the wishes of the consumer organizations anyways.